CVE-2026-40850 | MB Connect Line mbCONNECT24/mymbCONNECT24 up to 2.20.0 getAccountData sql injection (VDE-2026-044)

May 27, 2026 Yanac

A vulnerability classified as critical has been found in MB Connect Line mbCONNECT24 and mymbCONNECT24 up to 2.20.0. This impacts the function getAccountData. This manipulation causes sql injection.

This vulnerability is handled as CVE-2026-40850. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2026-40852 | MB Connect Line mbNET/mbNET.rokey/mbNET.mini up to 8.4.4 Configuration os command injection (VDE-2026-054)
CVE-2026-40849 | MB Connect Line mbCONNECT24/mymbCONNECT24 up to 2.20.0 user_alarmprofile sql injection (VDE-2026-044)